diff options
| author | redmatrix <git@macgirvin.com> | 2016-07-20 17:55:40 -0700 |
|---|---|---|
| committer | redmatrix <git@macgirvin.com> | 2016-07-20 17:55:40 -0700 |
| commit | 3affb2e8172b4cc673aafe9551c21dad6f606d87 (patch) | |
| tree | 446d143aa2b47b8fd710b5a4920ee63196b8fe34 /include/security.php | |
| parent | d54ad9880252cf8c6d2c61a01680279741735a36 (diff) | |
| download | volse-hubzilla-3affb2e8172b4cc673aafe9551c21dad6f606d87.tar.gz volse-hubzilla-3affb2e8172b4cc673aafe9551c21dad6f606d87.tar.bz2 volse-hubzilla-3affb2e8172b4cc673aafe9551c21dad6f606d87.zip | |
sort out some of the authentication mess - with luck this may fix the DAV auth issue which I simply could not duplicate or find a reason for.
Diffstat (limited to 'include/security.php')
| -rw-r--r-- | include/security.php | 29 |
1 files changed, 15 insertions, 14 deletions
diff --git a/include/security.php b/include/security.php index e345636e7..2107ed819 100644 --- a/include/security.php +++ b/include/security.php @@ -12,7 +12,7 @@ * @param bool $return * @param bool $update_lastlog */ -function authenticate_success($user_record, $login_initial = false, $interactive = false, $return = false, $update_lastlog = false) { +function authenticate_success($user_record, $channel = null, $login_initial = false, $interactive = false, $return = false, $update_lastlog = false) { $_SESSION['addr'] = $_SERVER['REMOTE_ADDR']; @@ -23,11 +23,15 @@ function authenticate_success($user_record, $login_initial = false, $interactive $_SESSION['account_id'] = $user_record['account_id']; $_SESSION['authenticated'] = 1; + if($channel) + $uid_to_load = $channel['channel_id']; - $uid_to_load = (((x($_SESSION,'uid')) && (intval($_SESSION['uid']))) - ? intval($_SESSION['uid']) - : intval(App::$account['account_default_channel']) - ); + if(! $uid_to_load) { + $uid_to_load = (((x($_SESSION,'uid')) && (intval($_SESSION['uid']))) + ? intval($_SESSION['uid']) + : intval(App::$account['account_default_channel']) + ); + } if($uid_to_load) { change_channel($uid_to_load); @@ -85,16 +89,12 @@ function authenticate_success($user_record, $login_initial = false, $interactive function atoken_login($atoken) { if(! $atoken) return false; - - $xchan = atoken_xchan($atoken); - $_SESSION['authenticated'] = 1; - $_SESSION['visitor_id'] = $xchan['xchan_hash']; + $_SESSION['visitor_id'] = $atoken['xchan_hash']; $_SESSION['atoken'] = $atoken['atoken_id']; - \App::set_observer($xchan); - - return [ 'atoken' => true ]; + \App::set_observer($atoken); + return true; } @@ -102,7 +102,8 @@ function atoken_xchan($atoken) { $c = channelx_by_n($atoken['atoken_uid']); if($c) { - return [ + return [ + 'atoken_id' => $atoken['atoken_id'], 'xchan_hash' => substr($c['channel_hash'],0,16) . '.' . $atoken['atoken_name'], 'xchan_name' => $atoken['atoken_name'], 'xchan_addr' => t('guest:') . $atoken['atoken_name'] . '@' . \App::get_hostname(), @@ -115,7 +116,7 @@ function atoken_xchan($atoken) { ]; } - + return null; } |